Archives

With laptop thefts on the rise, businesses need to know how to keep their data safe and secure. Data breaches are a reality these days, and businesses of all sizes stand to suffer in equal measure.

There is nothing much that you can do if one of your employees loses his or her laptop. Apart from cautioning them to be more careful in the future, you also need to do something that ensures your company’s information does not fall into the wrong hands. It is vital to know how to delete data from a stolen laptop if you want to keep your company information safe.

How secure is your company laptop?

If you are in business, then using laptops and other mobile devices is inevitable. Also, with the bring-your-own-device (BYOD) trend increasing by the day among companies, laptop and other mobile device security should be of paramount importance to businesses of all sizes.

Companies have to share information with their partners, suppliers, and customers, both within and outside of their offices. It is, therefore, important that businesses understand the importance ofdocument management so that they can keep their proprietary content safe and secure from prying eyes.

Another measure that you should be using isencrypted security solutions. Encryption is one of the best ways that can ensure the security of your laptop. If your laptop uses data encryption, there are chances that your data will remain safe even if it is stolen. Also, laptop encryption tools these days are mature and readily available.

One of the most important aspects in data protection is to provide adequate training to employees on how to safely use their mobiles and laptops. Our blog post – “What You Need to Know Before Your Company Adopts BYOD” – covers the main security issues that should be addressed in establishing company policy regarding the business use of employees’ own devices.

If the worst occurs, and an employee’s laptop is stolen, performing a remote wipe before the thief can access data can help prevent a security breach.

What is a remote wipe?

Essentially, aremote wipe is a software solution or system capability to remotely delete and wipe out data on a system or device. Features like remote wipe are part of comprehensive data security management systems, which solve data breach problems that can occur due to not following BYOD policies or other security gaps in distributed company computing networks.

Data wipe is the method whereby stored data on a device gets deleted and destroyed using mobile access in the framework of mobile device management. But to protect your laptop and other mobile devices, you need to ensure that you set up remote wipe before the device is stolen so as to protect your personal and company information. Once a device is lost, it is not possible to wipe devices or deploy endpoint management easily.

Personal information data deletion is triggered once a remote erase command is executed from a remote system endpoint. The remote delete command can erase all the data on a device, or it can specifically target company-specific data.

Data and device wipe are useful techniques because when unauthorized access occurs in a device or system, it allows device administrators to initiate a factory reset easily and restores factory settings remotely.

When it comes to remote wiping, you have the option to either lock the device or erase the data. When dealing with lost devices, many businesses prefer to remote lock the device where the screen gets locked, preventing access to the device. Here the information remains on the device, but access to unauthorized users is denied. The other option is to remote wipe the stolen device. Between the two, it is always more prudent to remote wipe a stolen device rather than just locking it down.

If your laptop is stolen, you can use ‘Retire’ or ‘Wipe’ action to delete your company data and send the device back to factory reset mode. Microsoft provides acomplete set of instructions on performing these actions – and others.

Wipe

When you send a Wipe command, it restores a device to its factory settings. You have the option to keep the user data on the device if you select the Retain enrollment state and user account checkbox. If this checkbox is not selected, the Wipe command can erase all the apps and data on the device.

But you need to remember the Retain enrollment state, and user account option is not available on all the Windows laptops. It is available for Windows 10 version 1709 or later. When the device connects to Intune after the Wipe command, MDM policies will be reapplied. The Wipe feature can only function if the device is on and connected.

Retire

When you give a Retire command, it removes managed app data (where applicable), settings, and email profiles which were assigned by using Intune. The device gets removed from the Intune management, and this happens when the device next time checks in and receives the remote Retire command. A Retire command does not remove the personal data of the user. The Retire feature can only function if the device is on and connected.

You need power and a network connection to remote wipe – As Wipe is a command that is given to a device, the device needs to be turned on and connected to a network so that it can receive the command. You need to know that if the device is switched off, you cannot remote wipe the device.

Remote wipe has many options – There are many options available for a remote wipe. You can remote wipe the device and send it back to the factory reset mode. Also, there is an enterprise wipe option where only the company data and application get deleted from the device, and personal data is not touched. Another option is KeepAlive, where complete device reset happens automatically if the device goes missing for too long.

It is not possible for you to opt-out of it – If your laptop or mobile device is company-owned, or even in case of BYOD, your company will have some level of erasure capability to wipe your device.

Fortunately, overcoming the challenges of BYOD does not need to overwhelm your organization. DocuServe has the industry experience and solutions to protect company data in the BYOD work environment, keeping employees productive without risking data loss. Our eServe encryption solution provides content security in the cloud, mobile access, security at rest and in motion, encrypted data security, remote wipe and much more.

Contact us to learn how DocuServe can be the ideal solution for your company’s move to the brave new BYOD world.

With the start of the European Union’s (EU) General Data Protection Regulation (GDPR) on May 25 of this year, data privacy has a new meaning – and a new global respect. GDPR sent many American companies scrambling to achieve compliance as it implements sweeping changes on businesses that deal with customer data – which may even include yours. In other words, GDPR compliance isn’t just for EU-based companies.

GDPR Basics

TheGDPR was established to protect the personal data of EU residents and affects any business that has customers located in the EU. There is no restriction based on location, company size or scope of business, meaning any entity with an internet presence will be affected. Fines for non-compliance will be high. Data protection watchdogs can impose a fine of up to £20,000,000, or four percent of your total annual worldwide turnover. Any service offered to an EU resident – regardless of whether the service is free and which country hosts its servers – has to play by the rules. For all the information on the GDPR, visit its website,GDPREU.org.

A Major Difference

At issue is the major differences in the approach to collecting personal data in the United States and the EU. In the U.S., personal information is often collected as a matter of course, with only an ‘opt-out’ offered to consumers. By contrast, GDPR requires that in order to collect information from EU data subjects, an affirmative ‘opt in’ consent must be obtained that clearly specifies how the data will be used. Privacy policies must match.

Once information is obtained, the EU data subject has the right to request that his or her data be deleted; that is, to invoke the right ‘to be forgotten.’ Incorrect information must be corrected upon request. These rights may seem simple enough, but when data is held in multiple locations, developing a process to handle such requests could be difficult. As an organization, you need to knowhow GDPR will affect your paper documents. This is where adocument management system (DMS) can come in to help make your business GDPR-compliant.

A document management system manages, stores, and tracks electronic documents and electronic images. With the use of document management scanning, paper-based information can be captured and managed in a much more secure and efficient way. You can use a DMS to organize and control documents across your organization, which helps make your business GDPR-compliant.

With data breaches on the rise, businesses can’t do withoutcontent security. As a business, you need to protect your company information and customer details. Be it your company information, customer information, financial details, research, training, intellectual capital, corporate secrets, or securing yourmobile data for BYOD purposes, you need to make sure that your data remains secure, both at rest and in motion.

Also, it’s difficult for companies to know how many paper documents actually exist. Duplication on photocopier, removal of documents from your office and insecure disposal of documents can all lead to the existence of several copies of the same document, which is again a problem according to GDPR standards.

Encryption – A ransomware virus can easily access your organization’s data, which could include your staff records as well as customer bank details. But, with the DMS in place, all of your files are encrypted on entry, and held as images. A DMS ensures that your data and documents are kept safe even at the time of an attack. If you want to be GDPR-compliant, you need to use a DMS because it encrypts your data.

Role-based access control – According to the GDPR standard, you need to make sure that information and data are locked down. It should not only be kept safe from the outside world, but also within the organization. Your employees should not have access to all the information; it should only be need-based. You don’t need your sales manager to know your customer’s bank details. You can put in place rules with a DMS which can restrict access control.

Retention control – As an organization, you also need to keep in mind that you store data for an appropriate period. You cannot and should not hold on to the information beyond the stipulated time. When you start using a DMS, it makes sure that it stores personal data correctly, and flags documents that need deletion.

How DocuServe document management can help with GDPR

As mentioned earlier, an efficient DMS can help you comply with the GDPR. That is where DocuServe’s document management comes into the picture. DocuServe is a secure cloud-based content distribution and protection system that can keep your digital content safe. DocuServe provides you with complete control over your content, right up to the document level. Because DocuServe is a cloud-based technology, your documents, video, and other shared files don’t exist on the user’s device – which makes it easy for you to withdraw and manage access – also helping your organization’s GDPR compliance.

DocuServe ensures content security because the content is encrypted between the application and the operating system and within the document, which ensures greater security. This is another GDPR requirement which states that an organization should ensure that personal data is kept secure at all the times. With DocuServe, you can delete, eliminate, and remove your data as and when required – another important GDPR requirement.

Other ways in which DocuServe ensures GDPR compliance include:

Security (including mobile) at rest and in motion.

The right to be forgotten by deleting or removing personal data on request.

Privacy by design (everyone in the organization works in the same way and to the same procedures).

Data retention (securely delete information in part or incompletely).

DocuServe has the ideal DMS solution to help your business achieve GDPR compliance. Contact us today.

Businesses all over the world are adopting ways to deliver effective learning programs to their employees to help increase user engagement, productivity and retention. Looking after the learning and training needs of your employees is central to the success of every organization. Companies these days want to create a robust platform for corporate training that can deliver effective corporate training programs to a wider audience. And that is where a learning management system (LMS) fits the bill.

A learning management system can offer many benefits to organizations of all sizes. But first, let’s define what an LMS is all about.

What is an LMS?

An LMS is an enterprise-wide application that enhances the flow of information to managers. Asdescribed byAsha Pandey, CMD and Chief Learning Strategist at EI Design, it can manage, track, regulate, monitor and deliver learning programs to a wide audience. In addition to delivering fully automated online training, an LMS can support hybrid training models like blended learning and the flipped classroom approach. Also, an LMS solution can deliver training content, assignments and tests to employees, track their progress, manage recordkeeping and offer support on a continuous basis.

Benefits of adopting an LMS

The online revolution has altered our lives in many ways. The way we communicate, shop, and even learn and train have changed for the better. eLearning is an effective way of delivering course material in a classroom or training room environment. eLearning software solutions allow organizations to deliver corporate training programs and courses online, or other platforms.

How an LMS improves learning

It keeps track of learning – Employee development and meeting all the compliance norms are the two key factors that concern every organization. With an LMS in place, you don’t have to worry about these factors, as it tracks who has taken the training and how well they performed.

It reminds you about retraining – Learning and training should be a continuous process if you want your employees to remain up-to-date on all developments. An LMS can keep you informed on the last training taken by your employees, and the upcoming retraining schedule.

It provides real-time reporting – An LMS can track the progress of your employees accurately and provide comprehensive reports in real time.

It offers on-demand learning – With an LMS in place, your employees have around-the-clock access to training materials. They also have the option of revisiting the courses if they want to review the material.

It allows anytime, anywhere learning – mLearning – or mobile learning – is a growing trend, with organizations now delivering training courses on such mobile devices as smartphones and tablets.

How an LMS benefits your organization

Helps improve your employees’ performance – With an LMS in place, you can access eLearning courses on demand. It keeps your employees current on all recent developments and compliance norms, which helps improve their overall performance.

It speeds the process of compliance training – Bringing new hires up to speed faster is another advantage. Even for established employees, an LMS helps get everyone on board simultaneously when organizational changes occur, or new compliance regulations are established.

It helps multiple site deployment – You can conduct training at different locations without concerns about training consistency and uniformity. The same message is delivered across all locations, and everyone has access to the same material.

Everyone gets a chance to attend the training – Employees have the flexibility to schedule their training to their convenience – either completing the session at once, or as they have time, depending upon their workflow.

It can align with your organization’s learning needs – An LMS is a powerful corporate training tool that takes into consideration your organization’s learning needs. You can train your employees for new initiatives easily, consistently and effectively, and measure the impact of learning.

What to look for in an LMS

When you buy LMS software for your organization, you need to make sure that it offers features that keep your employees engaged. If the LMS you purchase lacks compelling functionalities, it will be difficult to generate user engagement.

Micro-learning engages more than half of employees – Because 58% of those surveyed said they would like to engage more with the training content if it was broken up into shorter lessons, micro-learning is a growing trend.

Gamification – In the survey, 35% of the employees said that real-life rewards based on the progress of learning would be the top gamification incentive for using their organization’s LMS. This is another trend that is quickly spreading. LMS systems have incorporated many video game-like functions, such as leaderboards, badges and point systems.

Social learning modules, such as discussion boards and content sharing – In the survey, 24% of respondents said that the discussion board – followed by content sharing (23%) – would be the social learning module that engages them the most with their company’s online learning tools. Another popular trend in online learning is the surge in social learning due to the rise of the social media in the last decade.

Mobile access – In the survey, employees were asked whether they would be more comfortable using corporate training software on their mobile devices. Almost half of them (48%) said they are more likely to use an LMS on their mobile devices, but surprisingly 39% of them said that mobile access would not make any difference to them.

If a learning management system is what you are looking for,DocuServe has solutions that will help you produce, manage and distribute your eLearning content without the need to hire an expensive in-house content development team. Our comprehensiveLMS tool can take your learning and training standard to the next level.Contact us for all your eLearning needs, and increase the engagement of your team members.

There is tremendous interest in the cryptocurrency space right now, and equal parts confusion, uncertainty, and doubt. Bitcoin, cryptocurrencies, blockchain, ICOs. What do these even mean? This guide will be a brief overview of what cryptocurrency is and how it works.

Cryptocurrency is a general name referring to all the encrypted decentralized digital currencies like Bitcoin. The underlying infrastructure that makes these cryptocurrencies what they are is called blockchain. At its simplest, a Blockchain is a shared database (ledger) that everyone can write to and access to verify transactions. It is extremely secure because the transactions are encrypted with 256-bit cryptographic keys. So instead of the record of every transaction that has occured on a server, all the information is kept in the decentralized ledger (the blockchain).

These ledgers are constantly checked against one another automatically to stay up to date with the master. The master is the longest most agreed-upon chain at any given time.

“Anyone (or any program) can check the ledger any time because the ledger is public. But, everything on the ledger is encrypted, so unless you have the key for the ledger slots you’re trying to look at, all you see is nonsense. This is how the system is able to be secure, but also public. Everything is encrypted using an algorithm that is, as of now, unhackable.” – Adam Kerpelman, founder and CEO of Juris – Human-Powered Dispute Resolution for Blockchain Smart Contracts,

When a new coin comes out it usually releases a “white paper” which is like a sales pitch. Initial Coin Offers (ICO’s) are new coins used for crowdfunding. Cryptocurrency is legal and taxable in the US, but it isn’t legal tender and is treated as an investment property. With that said, due to its infancy and history so far, cryptocurrencies should be invested in and used with their historical volatility in mind.

Is Cryptocurrency Safe?

Says Scott Amyx, of Amyx Ventures, “Cryptocurrencies are inherently very safe but the vulnerability of cryptocurrencies lies not with the underlying technology but rather with people and institutions — hackers trick the user into divulging access to the exchange, typically your email address and a password (via phishing) or to the private key in your wallet. Specific to exchanges, the most common way is to hack into your email account and then request a password reset to the exchange.”

Recent Hacks on Global Companies Suggest a Need for New Security Measures

It may seem like a pain. You are only trying to login to pay a bill, order a new toaster, or make an appointment, and they ask for more than a password. Rolling your eyes you have a code texted to you, or emailed, or even called. What a waste of time…right? When given the choice between having to spend an extra two minutes to login or having to cancel your credit card due to identity theft, which would you choose? Are passwords enough?

These days, it does not seem so.

I know what you’re thinking. At least I’m not one of those guys that make their password: password123, my information is not that vulnerable. Think again. Even the most nonsensical combination of upper and lowercase letters, numbers and symbols are capable of becoming compromised.

In many cases of compromised information, it is not even a case of a good guess when it comes to your password, but rather in phishing scams or other techniques that can deceive even the savviest of internet users. A recent Facebook Messenger scam made light of this, by compromising an account and sharing a video link to a person’s contacts, as that person. So, be careful before clicking that video that your best friend sent you. It may not be a cute cat video, but rather a way to obtain your personal information.

The need for more than just a password is a crucial enough issue for the individual, but failing to do so can be catastrophic for businesses that keep and protect sensitive information.

So what can you do?

There are a few solutions available to help secure your company’s sensitive information.

Password Managers

Password managers make it easier to keep dozens of unique passwords. That way, you do not need to repeat the same password over and over again. This is a common solution for workplaces that do not want to slow down their workers by making them wait on the codes or other keys for two-factor authentication. Instead of keeping an individual list of passwords, the password manager keeps it in memory, accessible only to those invited into the system by an administrator.

Simplifying Authentication

While having to get through two gateways can be a time-consuming burden on employees, simplifying two-factor authentication may be beneficial. In more recent instances, instead of waiting for a code or phone call, a mobile security app requires a single tap to allow access. In order for two-factor authentication to be both secure and functional, it needs to be fast, easy to manage and built to defend against threats.

Encryption

You may not always be able to protect against external threats, but you may be able to still protect what’s inside. By encrypting your important data, your sensitive information will be harder to obtain in the event of a breach.

Limit the Passwords that Employees Have Access to

Instead of giving everyone unlimited access to everything from the company Twitter to the main database, give access only to what is essential to get the job done. You’d much rather change 3-5 passwords than upward of 500 when an employee parts ways with the company.

Utilize Wiping Technology

If your company is one that allows employees to use their own devices, things can get complicated once an employee leaves. With the right technology, you can wipe all company data off of an external device, without disrupting the employee’s personal information. That way, they can quickly resume use of their device, and your company data remains safe from potential exposure.

Content security can make or break the integrity of your organization. It is important to keep a company’s proprietary information safe, not just for the company itself, but for the clients it serves and the workers it employs. DocuServe provides a document management solution for businesses, which increase your confidence in your company’s security protocol. When wondering “Are passwords enough?”, DocuServe can keep your information safe.

A few weeks ago, I surveyed a technical writing group on LinkedIn about the importance of security for technical publications and received feedback from more than a dozen industry professionals on this issue. Unilaterally, the responses were in the affirmative.

Document security is a requirement for doing business in government and healthcare, along with many others. The range of answers was broad, and by several accounts, inconsistent. Some companies broadly distribute their user documentation on corporate websites and deem it another form of marketing material.

Joe Hauglie, a Human Performance Consultant for a large equipment manufacturer, said “There are all types of security, from password-protected PDFs and documents are stored on a secure server, behind a firewall. Companies should have guidelines in place that indicate what should be private or otherwise. I think that all content should be evaluated before it is categorically released. “

While our survey shows that many larger companies have internal processes in place, small and mid-sized businesses are a bit behind in identifying what should be secure and how to secure it. In our experience, this is a bigger issue than protecting pdfs with a simple password, as the passwords can be shared along with the document to anyone without detection.

Some of our clients have asked us for parameters involving security by IP address, controlled web portal, timed access, and view only access. Requirements come in all shapes and sizes with secure digital content. We’d love to hear more stories about how your company solved the document security challenge including the costs in dollars and internal resources. What’s your experience with digital delivery of secure content?

While training professionals should understand these issues and create learning experiences in appropriate mediums, delivery considerations often distract them from what they most need to focus on: creating the content. While many enterprise companies have brought this function in house, small and mid-sized businesses are often without a reliable solution and are winging it. These companies often create simple, easily broken password-protected PDFs and call it a day, leaving their intellectual property up for grabs by their competitors.

When asked about these practices, my colleagues share stories that would give the company legal department pause. If your company’s content and people are what gives you the market edge, why would you leave your playbook in the other team’s locker room? The main response is about time and money. When there are so many options to consider- from ebooks formats and timed- access, to print and sharing considerations, many training professionals don’t have time to wade through the options and develop an organizational strategy.

If the resource isn’t in house, and your company values content security, it makes sense to find a partner who can help you develop an approach to content delivery and security, doesn’t it? What’s your strategy?